# redamon > An AI-powered agentic red team framework that automates offensive security operations, from reconnaissance to exploitation to post-exploitation, with zero human intervention. - **URL**: https://www.freshcrate.ai/projects/redamon - **Author**: samugit83 - **Category**: Frameworks - **Latest version**: `v4.0.0` (2026-04-19) - **License**: MIT - **Source**: https://github.com/samugit83/redamon - **Language**: Python - **GitHub**: 1,780 stars, 373 forks - **Registry**: github - **Tags**: `agentic-ai`, `ai`, `cybersecurity`, `ethical-hacking`, `ethical-hacking-tools`, `exploitation`, `metasploit`, `osint`, `python` ## Description An AI-powered agentic red team framework that automates offensive security operations, from reconnaissance to exploitation to post-exploitation, with zero human intervention. ## Recent releases | Version | Date | Urgency | Changes | | --- | --- | --- | --- | | `v4.0.0` | 2026-04-19 | High | # RedAmon 4.0.0: Fireteam + SG-ReAct RedAmon 4.0.0 ships **Fireteam**, a scatter-gather multi-agent execution mode built into the core ReAct orchestrator. The root agent can now fan out into N specialist sub-agents that work independent angles of the same objective in parallel, each with its own ReAct loop, inside the same event loop, the same MCP session, and the same Neo4j connection. Zero cross-process serialisation. The architecture is called **SG-ReAct (Scatter-Gather ReAct)**. It's the f | | `v3.8.0` | 2026-04-10 | High | ### Added - **9 new AI agent tools** -- major expansion of the agent's offensive toolkit, all exposed as dedicated MCP tools with full CLI argument passthrough: - **execute_httpx** -- HTTP probing and fingerprinting (status codes, titles, server headers, tech detection, redirect following) - **execute_subfinder** -- passive subdomain enumeration via OSINT sources (certificate transparency, DNS datasets, search engines). No traffic to target - **execute_gau** -- passive URL discovery from | | `v3.2.0` | 2026-03-31 | Medium | ### Added - **Uncover Multi-Engine Target Expansion** -- ProjectDiscovery's [uncover](https://github.com/projectdiscovery/uncover) integrated as GROUP 2b in the recon pipeline, running before Shodan and port scanning to expand the target surface. Queries up to 13 search engines simultaneously (Shodan, Censys, FOFA, ZoomEye, Netlas, CriminalIP, Quake, Hunter, PublicWWW, HunterHow, Google Custom Search, Onyphe, Driftnet) to discover exposed hosts, IPs, and endpoints associated with the target dom | | `v3.0.0` | 2026-03-23 | Medium | ### Added - **Custom Nuclei Templates Integration** — custom nuclei templates (`mcp/nuclei-templates/`) are now manageable via the UI with per-project selection, dynamically discovered by the agent, and included in automated recon scans: - **Template Upload UI**: upload, view, and delete custom `.yaml`/`.yml` nuclei templates directly from Project Settings → Nuclei → Template Options. Templates are global (shared across all projects). Upload validates nuclei template format (requires `id | | `v2.3.0` | 2026-03-14 | Low | ### Added - **Global Settings Page** — new `/settings` page (gear icon in header) for managing all user-level configuration through the UI. AI provider keys and Tavily API key are configured exclusively here — no `.env` file needed. Two sections: - **LLM Providers** — add, edit, delete, and test LLM provider configurations stored per-user in the database. Supports five provider types: - **OpenAI, Anthropic, OpenRouter** — enter API key, all models auto-discovered - **AWS Bedroc | | `v2.2.0` | 2026-03-05 | Low | ### Added - **Pipeline Pause / Resume / Stop Controls** — full lifecycle management for all three pipelines (Recon, GVM Scan, GitHub Secret Hunt): - **Pause** — freezes the running container via Docker cgroups (`container.pause()`). Zero changes to scan scripts; processes resume exactly where they left off - **Resume** — unfreezes the container (`container.unpause()`), logs resume streaming instantly - **Stop** — kills the container permanently. Paused containers are unpaused before | | `v2.1.0` | 2026-02-27 | Low | ### Added - **CypherFix — Automated Vulnerability Remediation Pipeline** — end-to-end system that takes offensive findings from the Neo4j graph and turns them into merged code fixes: - **Triage Agent** (`cypherfix_triage/`): AI agent that queries the Neo4j knowledge graph, correlates hundreds of reconnaissance and exploitation findings, deduplicates them, ranks by exploitability and severity, and produces a prioritized remediation plan - **CodeFix Agent** (`cypherfix_codefix/`): autonom | | `v1.3.0` | 2026-02-19 | Low | ### Added - **Multi-Provider LLM Support** — the agent now supports **4 AI providers** (OpenAI, Anthropic, OpenRouter, AWS Bedrock) with 400+ selectable models. Models are dynamically fetched from each provider's API and cached for 1 hour. Provider is auto-detected via a prefix convention (`openrouter/`, `bedrock/`, `claude-*`, or plain OpenAI) - **Dynamic Model Selector** — replaced the hardcoded 11-model dropdown with a searchable, provider-grouped model picker in Project Settings. Type to | | `v1.2.0` | 2026-02-14 | Low | ### Added - **GVM Vulnerability Scanning** — full end-to-end integration of Greenbone Vulnerability Management (GVM/OpenVAS) into the RedAmon pipeline: - Python scanner module (`gvm_scan/`) with `GVMScanner` class wrapping the GMP protocol for headless API-based scanning - Orchestrator endpoints (`/gvm/{id}/start`, `/gvm/{id}/status`, `/gvm/{id}/stop`, `/gvm/{id}/logs`) with SSE log streaming - Webapp API routes, `useGvmStatus` polling hook, `useGvmSSE` streaming hook, toolbar button | | `v1.1.0` | 2026-02-08 | Low | ### Added - **Attack Path System** — agent now supports dynamic attack path selection with two built-in paths: - **CVE Exploit** — automated Metasploit module search, payload configuration, and exploit execution - **Brute Force Credential Guess** — service-level brute force with configurable wordlists and max attempts per service - **Agent Guidance** — send real-time steering messages to the agent while it works, injected into the system prompt before the next reasoning step - **Agent | ## Citation - HTML: https://www.freshcrate.ai/projects/redamon - Markdown: https://www.freshcrate.ai/projects/redamon.md - Dependencies JSON: https://www.freshcrate.ai/api/projects/redamon/deps _Generated by freshcrate.ai. Indexes github releases for AI-agent ecosystem packages._